From owner-freebsd-security@FreeBSD.ORG Thu Oct 13 07:25:46 2005 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4F79816A41F for ; Thu, 13 Oct 2005 07:25:46 +0000 (GMT) (envelope-from jere@htnet.hr) Received: from ls405.htnet.hr (ls405.htnet.hr [195.29.150.97]) by mx1.FreeBSD.org (Postfix) with ESMTP id 97A2643D46 for ; Thu, 13 Oct 2005 07:25:44 +0000 (GMT) (envelope-from jere@htnet.hr) Received: from ls401.t-com.hr (ls401.t-com.hr [195.29.150.236]) by ls405.htnet.hr (0.0.0/8.12.10) with ESMTP id j9D7PfWl028394; Thu, 13 Oct 2005 09:25:41 +0200 Received: from ls401.t-com.hr (localhost.localdomain [127.0.0.1]) by ls401.t-com.hr (Qmlai) with ESMTP id AAA8070003; Thu, 13 Oct 2005 09:25:41 +0200 (CEST) X-Envelope-Sender: jere@htnet.hr X-Envelope-Sender: jere@htnet.hr X-Envelope-Sender: jere@htnet.hr Received: from [195.29.148.251] (bla.htnet.hr [195.29.148.251]) by ls401.t-com.hr (Qmlai) with ESMTP id 60980A802D; Thu, 13 Oct 2005 09:25:41 +0200 (CEST) Message-ID: <434E0C7C.5060408@htnet.hr> Date: Thu, 13 Oct 2005 09:27:56 +0200 From: jere Organization: bla User-Agent: Mozilla Thunderbird 1.0.2 (X11/20050428) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Ivan Voras References: <200510111202.j9BC2obf081876@freefall.freebsd.org> <434CBDC2.407 0405@open-networks.net><434CE0F1.6090400@htnet.hr><20051012134440.GA17517@d roopy.unibe.ch> <434D1A21.9040104@fer.hr> In-Reply-To: <434D1A21.9040104@fer.hr> X-Enigmail-Version: 0.89.6.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Mailman-Approved-At: Thu, 13 Oct 2005 13:24:20 +0000 Cc: freebsd-security@freebsd.org, Tobias Roth Subject: Re: FreeBSD Security Advisory FreeBSD-SA-05:21.openssl X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 Oct 2005 07:25:46 -0000 I agree with that. What enterprise environment wants is quick patching and a quick rollback (in case of failure). Nobody asks you how good is or how much you like your OS - system just has to work - that's all. FreeBSD itself *is* very robust OS but not having this properties it is still limited to be widely accepted in large production environments. j. Ivan Voras wrote: > Tobias Roth wrote: > >> On Wed, Oct 12, 2005 at 12:09:53PM +0200, jere wrote: > >> And you cannot expect the port maintainers >> to backport security fixes if the upstream provider chose to release the >> fix only together with a new version. > > Yes you can, ask these guys: http://www.debian.org/. It's just a matter > of policy. > > I dislike the long cycles between version updates in Debian but must > admit that the "stable" distributions indeed justify their name, > INCLUDING packages. >